Senior Security Analyst (Digital Forensics Incident Response) - Hybrid
02 January 2025
Jisc Grade: TCY3 (internal use only)
Hours: 35 hours per week
Contract: Permanent
Reports into: Lead Incident Investigator (DFIR)
Location: Hybrid - A blend of working from home and your nominated hub office, with hubs in London, Bristol, Manchester, and Oxford. Specific patterns for working in the office are agreed with your manager.
About Jisc:
Jisc is the UK digital, data, and technology agency focused on tertiary education, research, and innovation. We are a not-for-profit organisation aimed at improving lives through education and research by providing hardware, software, and networking solutions.
About the Team:
Jisc’s Security Operations Team safeguards both the Janet Network and internal security while advising our members to keep their networks safe. The Security Operations Centre (SOC) comprises Cyber Security Incident Response (CSIRT), Network Defensive Services, and SIEM teams.
About the Role:
This role will include the operation of Jisc’s Digital Forensics Service, participating in triage, collection, and analysis of digital forensics data from various sources and using security-related tools to provide incident response capability.
Responsibilities will include:
* Perform forensics investigations using defined processes and tools to support cyber incident response engagements and post-incident analysis.
* Support the continuous monitoring of SOC customer IT infrastructure for signs of suspicious or malicious activity.
* Continuously improve internal services technologies to enhance threat analytics and incident management.
* Support members with onsite or remote recovery from a cyber incident.
Key Skills and Experience:
* Understanding of common digital forensics artifacts across Windows and at least one other operating system.
* Understanding of IT environments including Microsoft Stack (Azure, Active Directory).
* Familiarity with security tools and systems such as SIEMs, EDRs, IDS, WAF, and DDoS mitigation systems.
* Previous experience in a digital forensics and incident response environment is beneficial.
* Understanding of identification and analysis of Indicators of Compromise (IOCs).
* Sound working knowledge of TCP/IP and related Internet protocols.
* Ability to communicate effectively with a range of security professionals.
Why Work for Us?
At Jisc, everyone plays a key role and has the opportunity to contribute meaningfully. We promote a culture of lifelong learning and flexible working.
Equity, Diversity and Inclusion:
At Jisc, we value unique perspectives and experiences. We are committed to creating an inclusive culture that encourages innovation and values belonging.
Application Process:
We want you to showcase your talent throughout the recruitment process. Please let us know how we can best support you. We aim to provide an update on your application within 4 weeks of receiving it.
Jisc has an active sponsor licence to recruit on a Skilled worker visa basis. Candidates wishing to apply who require sponsorship should determine the likelihood of obtaining a Certificate of Sponsorship for the role.
No agencies please.
You will need to create an account and sign in to apply for a role.